Resources

(ISC)² Community

CAP – Security Assessment and Authorization Certification

Become a CAP – Certified Authorization Professional

Earning the CAP certification is a proven way to build your career and demonstrate your expertise within the risk management framework (RMF).

The CAP is the only certification under the DoD8570 mandate that aligns with each RMF step. It shows employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)².

Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey.

Your Pathway to Certification

Who Earns the CAP?

The CAP is ideal for IT, information security, and information assurance practitioners and contractors who use the RMF in:

The U.S. federal government, such as the U.S. Department of State or Department of Defense

The military

Civilian roles, such as federal contractors

Local governments

Private sector organizations

Is the CAP Right for You?

The CAP isn’t the best cybersecurity certification option for everyone. Before you start down your certification path, make sure you aren’t missing an opportunity to pursue a credential more aligned with your immediate career goals.

For a complete list of acronyms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Terms glossary.

Register for Your CAP Exam

Don’t wait. If you’re ready to pursue the CAP certification, commit yourself now by registering for the exam.

Schedule your exam by creating an account with Pearson VUE, the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

With self-paced or instructor-led online and classroom courses, (ISC)² has a training option to fit your schedule and learning style. Trainings, seminars, courseware and self-study aids directly from (ISC)² or one of our many Official Training Providers help you get ready for the rigorous CAP exam by reviewing relevant domains and topics. Visit the (ISC)² Training Finder to register for the course that best meets your needs, including:

Gain the Necessary Work Experience

To qualify for this cybersecurity certification, you must pass the exam and have at least two years of cumulative, paid work experience in one or more of the seven domains of the (ISC)² CAP Common Body of Knowledge (CBK).

Don’t have enough experience yet? You can still pass the CAP exam and become an Associate of (ISC)² while you earn the required work experience.

Complete the Endorsement Process

Once you receive notification that you have successfully passed the exam, you can start the online endorsement process. This process attests that your assertions regarding professional experience are true and that you are in good standing within the cybersecurity industry.

Agree to the (ISC)² Code of Ethics

All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. All (ISC)² members are required to commit to fully support (ISC)² Code of Ethics Canons:

Protect society, the common good, necessary public trust and confidence, and the infrastructure.

Act honorably, honestly, justly, responsibly, and legally.

Provide diligent and competent service to principles.

Advance and protect the profession.

Pay Your First Annual Maintenance Fee

Annual Maintenance Fees (AMFs) are used by (ISC)² to support the costs of maintaining the (ISC)² certifications and related support systems.

Certified Members AMFs

(ISC)² certified members pay a single AMF of U.S. $125 which is due each year upon the anniversary of their certification date. Members only pay a single AMF of U.S. $125 regardless of how many certifications they earn. AMFs for members with multiple certifications are due on their earliest certification anniversary.

Associates of (ISC)² AMFs

Associates of (ISC)² pay an AMF of U.S. $50 which is due each year upon the anniversary of achieving their associate status.

Join A Global Community Of Cybersecurity Leaders

Once you are certified and become an (ISC)² member, you’re a part of a global community of more than 140,000 certified cybersecurity professionals focused on inspiring a safe and secure cyber world. In addition to that extensive network, a wealth of continuing education opportunities help you keep your skills sharp, informed of the latest trends and best practices, and ensures your expertise remains relevant throughout your career. Learn more about (ISC)² member benefits.

The CAP is ideal for IT, information security, and information assurance practitioners and contractors who use the RMF in:

The U.S. federal government, such as the U.S. Department of State or Department of Defense

The military

Civilian roles, such as federal contractors

Local governments

Private sector organizations

Is the CAP Right for You?

The CAP isn’t the best cybersecurity certification option for everyone. Before you start down your certification path, make sure you aren’t missing an opportunity to pursue a credential more aligned with your immediate career goals.

For a complete list of acronyms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Terms glossary.

Register for Your CAP Exam

Don’t wait. If you’re ready to pursue the CAP certification, commit yourself now by registering for the exam.

Schedule your exam by creating an account with Pearson VUE, the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

With self-paced or instructor-led online and classroom courses, (ISC)² has a training option to fit your schedule and learning style. Trainings, seminars, courseware and self-study aids directly from (ISC)² or one of our many Official Training Providers help you get ready for the rigorous CAP exam by reviewing relevant domains and topics. Visit the (ISC)² Training Finder to register for the course that best meets your needs, including:

To qualify for this cybersecurity certification, you must pass the exam and have at least two years of cumulative, paid work experience in one or more of the seven domains of the (ISC)² CAP Common Body of Knowledge (CBK).

Don’t have enough experience yet? You can still pass the CAP exam and become an Associate of (ISC)² while you earn the required work experience.

Complete the Endorsement Process

Once you receive notification that you have successfully passed the exam, you can start the online endorsement process. This process attests that your assertions regarding professional experience are true and that you are in good standing within the cybersecurity industry.

Agree to the (ISC)² Code of Ethics

All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. All (ISC)² members are required to commit to fully support (ISC)² Code of Ethics Canons:

Protect society, the common good, necessary public trust and confidence, and the infrastructure.

Act honorably, honestly, justly, responsibly, and legally.

Provide diligent and competent service to principles.

Advance and protect the profession.

Pay Your First Annual Maintenance Fee

Annual Maintenance Fees (AMFs) are used by (ISC)² to support the costs of maintaining the (ISC)² certifications and related support systems.

Certified Members AMFs

(ISC)² certified members pay a single AMF of U.S. $125 which is due each year upon the anniversary of their certification date. Members only pay a single AMF of U.S. $125 regardless of how many certifications they earn. AMFs for members with multiple certifications are due on their earliest certification anniversary.

Associates of (ISC)² AMFs

Associates of (ISC)² pay an AMF of U.S. $50 which is due each year upon the anniversary of achieving their associate status.

Once you are certified and become an (ISC)² member, you’re a part of a global community of more than 140,000 certified cybersecurity professionals focused on inspiring a safe and secure cyber world. In addition to that extensive network, a wealth of continuing education opportunities help you keep your skills sharp, informed of the latest trends and best practices, and ensures your expertise remains relevant throughout your career. Learn more about (ISC)² member benefits.

Social Media

All contents of this site constitute the property of (ISC)², Inc. and may not be copied, reproduced or distributed without prior written permission. (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered certification marks of (ISC)², Inc.